So we are running AM 8.9 SP3 on our XenApp/XenDesktop platform here. We had a pentest a few months back and they identified a loophole where you can bypass all the AM controls by using an excel macro to launch an application instead.. We logged it with support and was told it was fixed in 10.1, which we tried and it was. However, we do not particularly want to move to 10.1 after being told by many people not to.
The support team advised us that it related to this, https://community.ivanti.com/docs/44953 but as this only relates to regedit.exe it doesnt really do it justice to the size of the hole it creates.
We tried running applocker underneath to belt and braces, but this had a knock on effect with appsense custom actions.
Has anyone else encountered this same issue? I dont really want to post the macro code on here at the moment but i can pass it on to the developers if you want to try it anywhere